[NTLUG:Discuss] IP Forwarding
George E. Lass
George.Lass at osc.com
Thu Feb 17 10:46:22 CST 2000
"George E. Lass" wrote:
>
> I'm trying to use my RedHat 6.1 box as a router, but am having
> little success. Here is what my "network" looks like:
>
> BOX-1<------->BOX-2<---->CISCO ROUTER<--------->BOX-3
>
> BOX-1 is 10.2.200.26
> BOX-2 is 10.2.200.1 on eth1 (connecting to BOX-1)
> BOX-2 is also 10.2.1.36 on eth0 (connecting to CISCO ROUTER)
> BOX-3 is 10.2.1.21 on eth0
>
> BOX-3 can telnet to 10.2.1.36
> BOX-3 can also telnet to 10.2.200.1
>
> BOX-2 can telnet to 10.2.1.21
> BOX-2 can also telnet to 10.2.200.26
>
> BOX-1 can telnet to 10.2.200.1
> BOX-1 can also telnet to 10.2.1.36
>
> BUT
>
> BOX-3 can NOT telnet to 10.2.200.1
> BOX-1 can NOT telnet to 10.2.1.21
>
> I've read the HOWTO on ipchains, and fooled with them
> for several hours, but to no avail. I even tried to
> set up a rule to log telnet attempts from BOX-3 to BOX-1
> but I don't ever see any log entries. I tested
> the rule for telnet from BOX-3 to 10.2.200.1 and it
> works just fine:
>
> ipchains -A input -p tcp -s 10.2.1.21 -d 10.2.200.1 telnet -j ACCEPT -l
>
> here is the one that never logs a packet:
>
> ipchains -A input -p tcp -s 10.2.1.21 -d 10.2.200.26 telnet -j ACCEPT -l
>
> Any ideas?
>
> TIA,
>
> George
>
A short update. Using only the following ipchains command, I am now
able to telnet from BOX-1 to BOX-3, but I *still* can't get from BOX-3
to BOX-1:
ipchains -A forward -j MASQ -b -s 10.2.200.0/24 -d 0.0.0.0/0
George
More information about the Discuss
mailing list